Banks Ask Feds for Cyber Help

After a months-long campaign of hacker attacks on bank websites, and word that the attacks might be sponsored by the government of Iran, the banking industry is now looking to Uncle Sam for help.

From Siobhan Gorman and Danny Yadron of The Wall Street Journal:

Financial firms have spent millions of dollars responding to the attacks, according to bank officials, who add that they can't be expected to fend off attacks from a foreign government.

Defense officials have said Iran's government is behind the assault. Officials from several affected banks, including PNC Financial Services Group Inc., SunTrust Banks Inc. and BB&T Corp. are urging the U.S. government to stop or mitigate the attacks, according to investigators.

The outcry is particularly significant from an industry that usually seeks to keep the government at arm's length. Financial-services groups opposed a legislative effort last year to establish cybersecurity standards for key private-sector businesses, saying it could undermine protections already in place.

"The financial sector has historically been so sophisticated and organized in its security approach," said Kiersten Todt Coon, a former staff member on the Senate Homeland Security and Governmental Affairs Committee and now president of Liberty Group Ventures LLC, a risk-management firm. "When they choose to go to the government, that shows how strong the severity of this threat is."

It's probably a little nerve-racking for bank customers to hear their banks are seeking help from defense officials against what may be state-sponsored cyberterrorism. But as Gorman and Yadron note, as far as we know, the hackers in question haven't actually been able to crack open bank databases and grab consumers' data.

As I wrote a few months ago, so far, the attacks have been limited to advanced versions of an old hacker favorite: the distributed denial of service attack. DDoS attacks, as they're known, simply flood a website with "clicks" until they're forced to shut down. As a result, all they've managed to do is inconvenience customers doing their banking and inhibit banks' ability to do business by making banks' websites inaccessible. That's definitely not optimal, but at least for customers, it's not the end of the world, either.

Of course, there's a risk the hackers, who appear to be very well-funded, will change tactics and manage to access more critical bank networks, at which point customers could be seriously harmed. But as of today, these attacks are a bigger problem for your bank than they are for you.

What do you think? Should the federal government help the banks fight off these cyberattacks? Do you worry about hackers getting access to your money?